After reading some stuff about click hijacking, I had a thought about a kind of vulnerability which doesn't fit in any other category of the forum.
The full article is on my blog: http://h0gar.net/?p=57

But here is an excerpt:

"Actually, we could just make it look like they are dealing with a completely innocent website while they are dealing with another one. And this by mixing the display/context.

To make it simple, here is an example:

Get a page with a “rate button” inside it. Put this page in an iframe within an under-control page. Put div layers over the iframe or use CSS clip to hide everything but the vote button. Then, build a new display around the iframe with the under-control page."

I guess it's possible to go quite far using this technique. It just requires some free time and a little intelligence.
And I'm actually surprised that I couldn't find anything talking about it...

But still. Almost all websites are vulnerable to it. And? Who cares?
I'm sure I could build some "UI Redressing" for some big open-source projects or even sla.ckers. With some time. May not be as efficient as a good old XSS/CSRF, but all "we need" is one successful shot.
Even so, there are existing protections against that.

But not tonight...

PS: And "UI Redressing" does sound better than my "Cross Site Display"...
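The post mentions that protections against framing exist. As an added example (not code from the post or its blog), here is a small audit helper that checks whether a response's headers stop a third-party page from embedding it in an iframe, the precondition for the overlay trick described above. The sample responses and helper names are constructed for illustration.

```python
"""Audit HTTP response headers for clickjacking (UI redressing) protection.

A page can only be hidden under overlay divs or CSS clip if a third-party
site is allowed to load it in an iframe. Two headers control that:
  - Content-Security-Policy: frame-ancestors ...   (modern, takes precedence)
  - X-Frame-Options: DENY | SAMEORIGIN             (legacy fallback)
"""


def framing_allowed(headers: dict) -> bool:
    """Return True if a cross-origin page could frame this response."""
    # Header names are case-insensitive; normalise before lookup.
    h = {k.lower(): v for k, v in headers.items()}

    # CSP frame-ancestors wins over X-Frame-Options in browsers that support it.
    csp = h.get("content-security-policy", "")
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            sources = [s.strip("'").lower() for s in parts[1:]]
            # An empty list, 'none', or 'self' alone all block cross-origin framing.
            if not sources or sources == ["none"] or sources == ["self"]:
                return False
            # Any other source list (specific origins, wildcards) permits framing.
            return True

    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo in ("DENY", "SAMEORIGIN"):
        return False
    # No header, or the deprecated ALLOW-FROM form: assume frameable.
    return True


def audit(responses: dict) -> list:
    """Return the names of responses that a third-party site could frame."""
    return [name for name, headers in responses.items() if framing_allowed(headers)]


# Constructed sample responses for a page carrying a "rate" button.
SAMPLE_RESPONSES = {
    "unprotected": {"Content-Type": "text/html"},
    "legacy_xfo": {"Content-Type": "text/html", "X-Frame-Options": "SAMEORIGIN"},
    "csp_none": {"content-security-policy": "default-src 'self'; frame-ancestors 'none'"},
    "csp_partner": {"Content-Security-Policy": "frame-ancestors https://partner.example"},
}

if __name__ == "__main__":
    print("frameable:", audit(SAMPLE_RESPONSES))
```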